THREAT OPS › Threat News › CVE-2026-58319: Apache Doris: Improper Authentication in Frontend HTTP API
CVE-2026-58319: Apache Doris: Improper Authentication in Frontend HTTP API
<p>Posted by Mingyu Chen on Jul 13</p>Severity: critical <br /> <br /> Affected versions:<br /> <br /> - Apache Doris 2.1.0 before 3.1.0<br /> <br /> Description:<br /> <br /> Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated <br /> attacker with network access to the FE HTTP service could perform unauthorized administrative ope
Indicators of compromise
- CVE-2026-58319cve
Original source: https://seclists.org/oss-sec/2026/q3/133